General

  • Target

    8b96af6cffe6146e018d8039687d05bc821f5fb71f99fc07a8d8728b701bd15c

  • Size

    563KB

  • Sample

    230425-fv4bragf29

  • MD5

    c9ed106bca8842a9adaaefb89a7e3835

  • SHA1

    d6e4fc7de114d7aa3b939cce0a421b996f4d31c4

  • SHA256

    8b96af6cffe6146e018d8039687d05bc821f5fb71f99fc07a8d8728b701bd15c

  • SHA512

    149106e250ebd0a89b21f91fc7af545e42f63554dc0ee71067382bc0c2bec08ee1a122919c19ac27e688bb09c6e373861a2cf43fe0d3b51ba3bb33735d818046

  • SSDEEP

    12288:9y90FilJz4nuyM8TbsedEow9o9wGb+L1XItXu3k7N2:9ydynuyTyo3wa2G1AEM

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
